Git ops workflow?

We would like to commit secrets to the repo ala git-crypt. It’s a good workflow for us to stick to a git flow. Is this supported by Doppler? What would the workflow look like? Some kind of CI step that synchronizes the the repo-local encrypted data to the cloud? And how about handling the encryption within he repo as well?


Hi @jasonkuhrt!

Welcome to the Doppler Community!

Committing your secrets to a repository isn’t really the recommended workflow for using Doppler. That said, it’s certainly possible to do using our encrypted Fallback Files. That said, generally speaking, we don’t recommend actually committing them to a repository (even in their encrypted state). Instead, if you need that functionality, we recommend generating the fallback file at build/deploy time.

If you’re wanting your secrets available in CI, we do have a variety of syncs available. For example, you can setup a sync with GitHub Actions to sync the secrets from a project+config in Doppler to a repository in GitHub. Using syncs is ideal because it also insulates you from any potential platform issues on our end.

Let me know if the above works for you. If you have more questions, feel free to ask here! Having some more details about exactly what you’re trying to accomplish will prove helpful if you do though!